The embodiments discussed herein relate to a method for the secure determination of data in which in a first processor a mathematical operation with a key is applied to a point of an elliptical curve, wherein the key may be depicted as a binary number with a sequence of bits (bi).
By means of the establishment of key pairs consisting of a private and a public key, asymmetrical cryptography systems guarantee a high enough degree of security to ensure that it is virtually impossible for an attacker to decode the private key or the message encoded with the public key in finite time. Conventional cryptography systems, such as, for example, those based on elliptical curves, are based on encoding which can be performed in polynomial time but can be only inverted in exponential time relative to the length of the key in bits. With systems based on elliptical curves, nowadays, key lengths of n=160 to 192 bits are used and with systems based on RSA algorithms lengths of n=1024 to 1536 bits should be used for approximately the same security level.
Therefore, cryptographic methods based on elliptical curves are more efficient and require less bandwidth to transmit the system parameters than other cryptographic methods with a comparable degree of achievable security.
As an example, there now follows an outline of the known Diffie-Hellman method for agreeing a key between two communication subscribers based on elliptical curves. Hereby, the first communication subscriber A knows a security parameter ra and the second communication subscriber B knows a security parameter rb. When the two communication subscribers have agreed on an elliptical curve and on a common point P on this elliptical curve, the communication subscriber A determines a valueQa=ra*P 
and the communication subscriber B a valueQb=rb*P. 
Subsequently, the value Qa is transmitted by the communication subscriber A to the communication subscriber B and the value Qb by the communication subscriber B to the communication subscriber A. In a further scalar multiplication, the communication subscriber A now determines the common keyK=ra*Qb=ra*rb*P 
and the communication subscriber B the same common keyK=rb*Qa=rb*ra*P. 
Therefore, these scalar multiplications form an essential building block in cryptographic methods based on elliptical curves. It is particularly advantageous to use elliptical curves, since the inversion operation, that is the determination of a scalar ra,b from the knowledge of the points Qa,b and P, so that Qa,b=ra,b*P, can only be calculated with a significant calculating effort. With the present level of knowledge, the scalar multiplication can be calculated in polynomial time but inverted only in exponential time.
However, the known cryptographic methods based on elliptical curves are vulnerable with respect to so-called side channel attacks. These represent an alternative to methods of attack based on the inversion of the encoding in order to break the algorithm on which the encoding is based in the most efficient way possible. These are used in particular with mobile aids such as, for example, smartcards or dongles on which secret key material is stored in order to generate an encoded exchange of messages or decode messages once again.
The attacker uses the comparatively easy accessibility of data lines of the corresponding circuits in order to measure physical variables such as power, electromagnetic emission, results with induced errors or run times of certain calculations. A direct evaluation of the measured values on the basis of a simple power analysis (SPA) or by recording measured values such as power by means of a storage oscilloscope and subsequent statistical evaluation is an efficient way of obtaining information on the underlying algorithm or, in the worst case, information on a currently existing key.
The latter will be explained in more detail with reference to an example: a method for encoding provides a mathematical operation for both algorithms based on elliptical curves and for algorithms based on the RSA method.
In the case of elliptical curves, a scalar multiplicationQ=k*P 
should be performed as a mathematical operation, wherein P is a point on an elliptical curve over a finite field K and k is again a key or a variable derived therefrom.
A possible implementation of the scalar multiplication can be achieved by implementing the following algorithm on an arithmetic and logic unit, wherein the key k is set by a binary representation (bi i=n−1−0):
Algorithm 1:EC—elliptical curve: Q =k*P                (1.1) Q←0        (1.2) i←n−l        (1.3) while i>−1        (1.3.1) Q←2*Q        (1.3.2) if bi=1, then Q←Q+P        (1.3.3) i←i−1        (1.4) deliver Q        
In the case of a simple power analysis (SPA), the profile of the power consumption of a scalar multiplication is analyzed. The scalar multiplication primarily consists of additions and duplications. However, the operations differ significantly in the number of elementary operations in K, so that the power consumption also differs. Therefore, it is possible to use a corresponding side channel attack to draw conclusions regarding the individual bits and hence the binary representation of k itself.
One possible step for defense against attacks of this kind consists in aligning the power flows and calculation run times dependent upon the value of a respective bit for both possible bit states 0 and 1 as demonstrated in the following:
A point P of an elliptical curve E is defined by its x-coordinate and its y-coordinate. On the basis of the curve equation of the elliptical curve E, there are at the most two different y-values yl and y2 for one x-value so that the points (x,yl) and (x,y2) are points on the elliptical curve E. In order, therefore, unequivocally to define a point on the elliptical curve E, apart from the x-coordinate, only one bit of additional information is required.
In the case of an elliptical curve E over finite prime fields, for example, the so-called least significant bit (LSB) of the y-coordinate or the (+/−) sign of the y-coordinate of the respective point is sufficient as additional information
These properties of elliptical curves are used in the so-called Montgomery ladder algorithm, which is a common method for the implementation of scalar multiplication on elliptical curves. The Montgomery ladder algorithm can be implemented in such a way that only the x-coordinate of P is used to calculate the x-coordinate of a scalar multiple of a point P. Since, as demonstrated below, the Montgomery ladder is simultaneously a very good method for counteracting simple power analyses, it is frequently implemented in crypto systems running on embedded systems.
According to the method of a Montgomery ladder algorithm described below, a multiple k*P of a point P located on an elliptical curve is calculated.
The scalar k=(bn—l, . . . , bi, . . . , b0), specified in binary representation, is processed bit-by-bit starting with the so-called most significant bit (MSB, N1).
Algorithm 2: EC—elliptical curve: Q=k*P Montgomery ladder:                (2.1) R←P, S←0        (2.2) i←n−1        (2.3) while i>−1        (2.3.1) if bi=1 {S←S+R, R←2*R}        (2.3.2) else {R←R+S, S←2*S}        (2.3.3) i←i−1        (2.4) deliver R, S        (2.5) reconstruct k*P from the points R, S and P        
In the example shown, the addition and the duplication are executed bit-independently completely uniformly. It is therefore not possible to draw any conclusions regarding the bit sequence from the sequence of the operations. However, problems are presented by the jump instruction (“if” or “else”), since this leads to a jump to different addresses which becomes apparent from a different power consumption.